Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion

From: James Bottomley
Date: Fri Jan 27 2017 - 17:07:01 EST

Next message: Matt Fleming: "[GIT PULL] EFI urgent fix"
Previous message: Sven Schmidt: "[PATCH v6 4/5] fs/pstore: fs/squashfs: Change usage of LZ4 to work with new LZ4 version"
In reply to: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2017-01-27 at 16:20 -0500, Ken Goldman wrote:
> On 1/19/2017 7:41 AM, Jarkko Sakkinen wrote:
> >
> > I actually think that the very best solution would be such that
> > sessions would be *always* lease based. So when you create a
> > session you would always loose within a time limit.
> >
> > There would not be any special victim selection mechanism. You
> > would just loose your session within a time limit.
>
> I worry about the time limit.
>
> I have a proposed use case (policy signed) where the user sends the
> session nonce along with a "payment" to a vendor and receives back a
> signature authorization over the nonce.
>
> The time could be minutes or even hours.

So the problem is that sessions are a limited resource and we need a
way to allocate them when under resource pressure. Leasing is the
fairest way I can think of but I'm open to other mechanisms if you
propose them.

Note that the lease mechanism doesn't mean every session expires after
the limit, it just means that every session becomes eligible for
reclaim after the limit. If there's no-one else waiting, you can keep
your session for hours.

James

Next message: Matt Fleming: "[GIT PULL] EFI urgent fix"
Previous message: Sven Schmidt: "[PATCH v6 4/5] fs/pstore: fs/squashfs: Change usage of LZ4 to work with new LZ4 version"
In reply to: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]